Privacy Policy

DIAL ("Driving Impact, Accountability & Leadership") is a strategy execution platform operated by ETI Consulting. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform.

By accessing or using DIAL, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of the platform.

2.1 Information You Provide

• Account information: name, email address, and password when you create an account.
• Profile data: job title, team assignments, and organisational role.
• Strategic data: goals, commitments, scorecards, financial metrics, and other content you enter into the platform.
• Communications: messages sent through the AI assistant feature.

2.2 Information Collected Automatically

• Device and browser information: IP address, browser type, operating system, and screen resolution.
• Usage data: pages visited, features used, session duration, and interaction patterns.
• Cookies and similar technologies: see our Cookie Policy for details.

• Provide, maintain, and improve the DIAL platform and its features.
• Authenticate users and manage session security.
• Generate scorecards, analytics, and reports for your organisation.
• Power AI-assisted features such as the strategy co-pilot.
• Communicate with you about updates, support, and service-related notices.
• Monitor and prevent fraud, abuse, and security incidents.
• Comply with legal obligations and enforce our terms of service.

Your data is stored securely using industry-standard practices:

• Database: All platform data is stored in Supabase (powered by PostgreSQL) with row-level security policies ensuring tenant isolation.
• Authentication: Managed by Supabase Auth with encrypted password storage (bcrypt) and secure session tokens.
• Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
• Session management: Automatic session expiry after 30 minutes of inactivity with secure, HttpOnly cookies.

DIAL uses cookies to provide essential functionality and improve your experience. For detailed information about the cookies we use, their purpose, and how to manage them, please see our Cookie Policy.

We share data with the following trusted third-party services, solely to provide and improve the platform:

We do not sell your personal data to any third party. Data sharing is limited to what is necessary for the service to function.

Under applicable data protection laws (including GDPR and POPIA), you have the following rights:

• Right of Access: Request a copy of the personal data we hold about you.
• Right to Rectification: Request correction of inaccurate or incomplete data.
• Right to Erasure: Request deletion of your personal data, subject to legal retention requirements.
• Right to Data Portability: Request your data in a structured, machine-readable format (JSON or CSV).
• Right to Restrict Processing: Request limitation of processing in certain circumstances.
• Right to Object: Object to processing based on legitimate interests.
• Right to Withdraw Consent: Withdraw consent for optional cookies and data processing at any time.

To exercise any of these rights, contact us using the details in Section 10 below. We will respond within 30 days.

We retain your data for as long as your account is active or as needed to provide services. When you request deletion:

• Account data is deleted within 30 days of the request.
• Aggregated, anonymised data may be retained for analytics purposes.
• Backup copies are purged within 90 days following standard retention cycles.

DIAL is a business platform and is not intended for use by individuals under the age of 18. We do not knowingly collect data from minors.

For privacy-related questions, data requests, or concerns, contact our Data Protection team:

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. Continued use of DIAL after changes constitutes acceptance of the revised policy.